
Scaling network verification using symmetry and surgery

Published: 11 January 2016

Abstract

On the surface, large data centers with about 100,000 stations and nearly a million routing rules are complex and hard to verify. However, these networks are highly regular by design; for example, they employ fat tree topologies with backup routers interconnected by redundant patterns. To exploit these regularities, we introduce network transformations: given a reachability formula and a network, we transform the network into a simpler-to-verify network and a corresponding transformed formula, such that the original formula is valid in the network if and only if the transformed formula is valid in the transformed network. Our network transformations exploit network surgery (in which irrelevant or redundant sets of nodes, headers, ports, or rules are "sliced" away) and network symmetry (say between backup routers). The validity of these transformations is established using a formal theory of networks. In particular, using Van Benthem-Hennessy-Milner style bisimulation, we show that one can generally associate bisimulations to transformations connecting networks and formulas with their transforms. Our work is a development in an area of current wide interest: applying programming language techniques (in our case bisimulation and modal logic) to problems in switching networks. We provide experimental evidence that our network transformations can speed up by 65x the task of verifying the communication between all pairs of Virtual Machines in a large datacenter network with about 100,000 VMs. An all-pair reachability calculation, which formerly took 5.5 days, can be done in 2 hours, and can be easily parallelized to complete in



Published in

ACM SIGPLAN Notices, Volume 51, Issue 1 (POPL '16), January 2016, 815 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/2914770
Editor: Andy Gill

POPL '16: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 2016, 815 pages
ISBN: 9781450335492
DOI: 10.1145/2837614

Copyright © 2016 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
